VDB
CVE-2023-36834
CVE-2023-36834
PUBLISHED
Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugehörigen Produkten. Dazu zählen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgemäße Überprüfungen, Out-of-Bounds-Read, unsachgemäße Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und seine Privilegien zu erweitern.
EPSS 0.11% · 29.4th percentile
Risk Scores
EPSS Score
0.11%
29.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Juniper JUNOS PTX10008 | |
| Juniper | Juniper JUNOS PTX10001-36MR | |
| Juniper | Juniper JUNOS Space | |
| Juniper | Juniper JUNOS Contrail Cloud | |
| Juniper | Juniper QFX Series 10000 | |
| Juniper | Juniper JUNOS Evolved | |
| Juniper | Juniper JUNOS | |
| Juniper | Juniper MX Series | |
| Juniper | Juniper SRX Series 5000 | |
| Juniper | Juniper SRX Series | |
| Juniper | Juniper SRX Series 4600 | |
| Juniper | Juniper JUNOS PTX10016 | |
| Juniper | Juniper JUNOS PTX10004 |
Timeline
- Jul 12, 2023 CVE Published
- Jul 15, 2023 EPSS Score
- Aug 18, 2023 EPSS Score
- Sep 22, 2023 EPSS Score
- Oct 26, 2023 EPSS Score
- Nov 30, 2023 EPSS Score
- Jan 3, 2024 EPSS Score
- Feb 6, 2024 EPSS Score
- Mar 12, 2024 EPSS Score
- Apr 15, 2024 EPSS Score
- May 20, 2024 EPSS Score
- Jun 23, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1737.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1737 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71656 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71659 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71653 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71650 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71660 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71655 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71647 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71643 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71642 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71651 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71640 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71661 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71639 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71662 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71645 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71641 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71636 advisory